What do the following headers mean?
As you should already know, there is 4 different "group by" options to generate a patch report: by OS, by Asset Group, by Host and by Patch. Each version has its own csv output. You mentioned "patch list" so I assume that you are talking about the group by Patch version of the patch report.
So here is how you can read the csv file:
1. "Patch list" section gives you the full list of unique patches that need to be installed on the hosts to fix their vulnerabilities. Keep in mind that we respect the supercede information and we give the most recent and relevant patch that will fix multiple vulnerabilities. A good example to illustrate this is a Service Pack type of patch: a service pack contains the patches for multiples MSXX-YYYY vulnerabilities.
This list also gives you the references for this patch in the QualysGuard knowledge base with the title and the associated severity, the vendor reference, the number of hosts that need to be patched and the date when the patch was released.
2. "Patches by host" section gives you the list of the patches that need to be installed for each host.
3. As mentioned above, because of the supercede information, one patch can fix multiple vulnerabilities. So the "Host Vulnerabilities Fixed by Patch" section gives the list of all the vulnerabilities that could be fix in installing the recommended patches.
I hope it helps,
Retrieving data ...